﻿using System;
using System.Linq;
using System.Collections.Generic;

namespace Watson
{
    public class VulnerabilityCollection
    {
        private readonly List<Vulnerability> _vulnerabilities;

        public void SetAsVulnerable(string id)
            => _vulnerabilities.First(e => e.Identification == id).SetAsVulnerable();

        public VulnerabilityCollection()
        {
            _vulnerabilities = Populate();
        }

        public void ShowResults()
        {
            foreach (Vulnerability vuln in _vulnerabilities.Where(i => i.Vulnerable))
            {
                Console.WriteLine(" [!] {0} : VULNERABLE", vuln.Identification);

                foreach (string exploit in vuln.KnownExploits)
                {
                    Console.WriteLine("  [>] {0}", exploit);
                }

                Console.WriteLine();
            }

            if (_vulnerabilities.Any(e => e.Vulnerable))
                Console.WriteLine(" [*] Finished. Found {0} potential vulnerabilities.\r\n", _vulnerabilities.Count(i => i.Vulnerable));
            else
                Console.WriteLine(" [*] Finished. Found 0 vulnerabilities.\r\n");
        }

        private List<Vulnerability> Populate()
        {
            return new List<Vulnerability>()
            {
                new Vulnerability(
                    id: "CVE-2019-0836",
                    exploits: new string[] { "https://exploit-db.com/exploits/46718", "https://decoder.cloud/2019/04/29/combinig-luafv-postluafvpostreadwrite-race-condition-pe-with-diaghub-collector-exploit-from-standard-user-to-system/" }
                    ),

                new Vulnerability(
                    id: "CVE-2019-0841",
                    exploits: new string[] { "https://github.com/rogue-kdc/CVE-2019-0841", "https://rastamouse.me/tags/cve-2019-0841/" }
                    ),

                new Vulnerability(
                    id: "CVE-2019-1064",
                    exploits: new string[] { "https://www.rythmstick.net/posts/cve-2019-1064/" }
                    ),

                new Vulnerability(
                    id: "CVE-2019-1130",
                    exploits: new string[] { "https://github.com/S3cur3Th1sSh1t/SharpByeBear" }
                    ),

                new Vulnerability(
                    id: "CVE-2019-1253",
                    exploits: new string[] { "https://github.com/padovah4ck/CVE-2019-1253", "https://github.com/sgabe/CVE-2019-1253" }
                    ),

                new Vulnerability(
                    id: "CVE-2019-1315",
                    exploits: new string[] { "https://offsec.almond.consulting/windows-error-reporting-arbitrary-file-move-eop.html" }
                    ),

                new Vulnerability(
                    id: "CVE-2019-1385",
                    exploits: new string[] { "https://www.youtube.com/watch?v=K6gHnr-VkAg" }
                    ),

                new Vulnerability(
                    id: "CVE-2019-1388",
                    exploits: new string[] { "https://github.com/jas502n/CVE-2019-1388" }
                    ),

                new Vulnerability(
                    id: "CVE-2019-1405",
                    exploits: new string[] { "https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2019/november/cve-2019-1405-and-cve-2019-1322-elevation-to-system-via-the-upnp-device-host-service-and-the-update-orchestrator-service/", "https://github.com/apt69/COMahawk" }
                    ),
                new Vulnerability(
                    id: "CVE-2020-0668",
                    exploits: new string[] { "https://github.com/itm4n/SysTracingPoc" }
                    ),
                new Vulnerability(
                    id: "CVE-2020-0683",
                    exploits: new string[] { "https://github.com/padovah4ck/CVE-2020-0683", "https://raw.githubusercontent.com/S3cur3Th1sSh1t/Creds/master/PowershellScripts/cve-2020-0683.ps1" }
                    ),
                new Vulnerability(
                    id: "CVE-2020-1013",
                    exploits: new string[] { "https://www.gosecure.net/blog/2020/09/08/wsus-attacks-part-2-cve-2020-1013-a-windows-10-local-privilege-escalation-1-day/" }
                    )
            };
        }
    }
}
